respectfully requested.

Claim Objections 

The Examiner objected to claim 19 over informalities. Applicants amend claim 19 to 
address the Examiner's objection. Accordingly, withdrawal of the Examiner's objection is 
requested. 

Claim Rejections - §112

The Examiner rejected claims 12-15 as indefinite. Applicants amend claims 12-15 to 
better clarify aspects of the present invention and to address the Examiner's rejections. 
Accordingly, withdrawal of the Examiner's rejection is requested. 

Claim Rejections - §102 

The Examiner rejected claims 1-5, 10-11, 16-18, and 21-22 as anticipated by U.S. Patent 
No. 6,233,576 to Lewis (hereinafter the "Lewis patent"). Applicants amend claims 1 and 16-21 
to address the Examiner's rejections. Applicants cancel claim 22. As such, the rejection as 
applied to claim 22 is moot. 

Amended claim 1 recites, inter alia: 

associating with at least one of the users an access permission that 
enables the user to access at least one of the digital facilities, 

associating with at least one of the users a grant permission that enables 
the user to give to another user a user permission with respect to at least one of 
the digital facilities, and 

creating a user profile for each of the users, each of said user profiles 
including permission information with respect to the corresponding user.

(emphasis added) 

In contrast, the Lewis patent does not teach or suggest "creating a user profile for each of 
the users ... including permission information with respect to the corresponding user." The 
Lewis patent, in fact, describes a method to enhance the security provisions of computer systems 
by mapping the available operating system permissions to specified resource authorities for each 
of a set of aspects of a computer system resource. Similar to the file system of a UNIX operating 
system, a computer system according to the Lewis patent has three types of authorization and/or 
permissions each corresponding to an aspect of a resource defined by a three-bit value. Table 1 
of the Lewis patent illustrates four system resources (resource data, resource attributes, resource 
security, resource class) each having three aspects that correspond to the read, write, and execute
file permission aspects of the operating system, respectively. Accordingly, the possible
permissions associated with each aspect of a resource are represented by a single operating
system file. Moreover, three three-bit values are used to define permissions of the owner, of
other users of a group, and of any other users, with respect to a resource. For instance, the value
770 (i.e., 111-111-000) of a resource data represents the permissions to view, modify, and delete
the data by the owner and by the users of the owner's group, but no permission to any other 
users. See, e.g., col. 14, line 37 — col. 15, line 22 of the Lewis patent. 

In the outstanding Office Action, the Examiner states that Fig. 2 of the Lewis patent 
teaches the permission information that is stored as user profiles in the database. The Assignee
respectfully disagrees. Contrary to the Examiner's contention, Fig. 2 of the Lewis patent
illustrates only the generation of authorization files (e.g., the class file, the data file, the attributes
file, and the security file). Each of Lewis' authorization files contains the identities of a plurality
of users having permissions to access such authorization file and their corresponding one or more
of the three permissions (i.e., read, write, execute). See Fig. 2, and col. 11, lines 26-39 of the
Lewis patent. Thus, Lewis teaches creating authorization files that include permissions for a
plurality of users rather than "creating a user profile for each of the users," as required by claim 1.
As a result, it is respectfully submitted that the Lewis patent does not teach or suggest
important elements of claim 1. Accordingly, withdrawal of the Examiner's rejection is 
respectfully requested. 

Claims 2-5 depend from claim 1. Thus, claims 2-5 similarly distinguish over the Lewis 
patent and withdrawal of the Examiner's rejection is respectfully requested. 

Claims 10-11 depend from claim 1. Thus, claims 10 and 11 similarly distinguish over
the Lewis patent and withdrawal of the Examiner's rejection is respectfully requested. 

Claim 16 recites, in pertinent part, "create a user profile for each of the users, each of
said user profiles including permission information with respect to the corresponding user". It is
respectfully submitted that the Lewis patent does not teach or suggest this important element of
claim 16. Accordingly, withdrawal of the Examiner's rejection is respectfully requested.

Claim 17 recites, in pertinent part, "means for creating a user profile for each of the
users, each of said user profiles including permission information with respect to the
corresponding user". It is respectfully submitted that the Lewis patent does not teach or suggest
this important element of claim 17. Accordingly, withdrawal of the Examiner's rejection is
respectfully requested.

Claim 18 recites, in pertinent part, "storage means containing user profiles for each of the 
users, said user profile of each user including access information regarding the power of the user 
to access at least one of the digital facilities and grant information regarding the power of the 
user to grant a permission to another user with respect to at least one of the digital facilities". It 
is respectfully submitted that the Lewis patent does not teach or suggest this important element 
of claim 18. Accordingly, withdrawal of the Examiner's rejection is respectfully requested. 

Claim 21 recites, in pertinent part, "creating user profiles for each of the users in the 
database, each user profile containing the access and grant permission information of the 
corresponding user". It is respectfully submitted that the Lewis patent does not teach or suggest 
this important element of claim 21. Accordingly, withdrawal of the Examiner's rejection is 
respectfully requested. 

Applicants cancel claim 22 without prejudice or disclaimer. 

Claim Rejections - §103 

The Examiner rejected claims 12, 25, and 27 as obvious over the Lewis patent, rejected 
claims 6-9, 19-20, and 23 as obvious over the Lewis patent in view of U.S. Patent No. 6,178,505 
to Schneider et al. (hereinafter the "Schneider patent"), and rejected claims 13-15, 24, and 26 as
obvious over the Lewis patent in view of U.S. Patent No. 5,173,939 to Abadi et al. (hereinafter
the "Abadi patent"). Applicants submit that all these pending claims, as amended, distinguish 
over the art of record and are in condition for allowance. 

The Schneider patent generally describes a system and method for secure delivery of 
information over a network such as the Internet. According to the Schneider patent, a scalable 
access filter is used to control access by users with respect to information resources provided by 
servers in the network. Access is permitted or denied according to access policies which define 
access in terms of the user group and information sets. 

The Abadi patent, on the other hand, generally describes an access control subsystem for
a distributed computer system. According to the Abadi patent, each object of the distributed
computer system has an access control list. The access control lists define sets of simple or
compound principals who are authorized to access the corresponding objects. A reference
checking process by the computer system grants or denies an access request based on whether
the requestor is stronger than any one of the entries in the access control list for the resource
requested. Nothing in the Schneider patent or in the Abadi patent, however, teaches or suggests
creating a profile of each user for storing demographic information, such as the relevant 
permission information, about the user with respect to the digital facilities of the system. 
Therefore, applicants submit that neither the Schneider patent nor the Abadi patent describes the 
above-mentioned element of the present invention, and the present application similarly 
distinguishes over the Schneider patent and the Abadi patent. 

Claims 6-9 depend from claim 1. As discussed, neither the Lewis patent nor the
Schneider patent describes the above-mentioned limitation of claim 1. Thus, claims 6-9 
distinguish over the Lewis patent and the Schneider patent and withdrawal of the Examiner's 
rejection is respectfully requested. 

Claim 12 depends from claim 1. Thus, applicants submit that claim 12 distinguishes 
over the Lewis patent and withdrawal of the Examiner's rejection is respectfully requested. 

Claims 13-15 depend from claim 1. As discussed, neither the Lewis patent nor the Abadi
patent describes the above-mentioned limitation of claim 1. Thus, claims 13-15 distinguish over 
the Lewis patent and the Abadi patent and withdrawal of the Examiner's rejection is respectfully 
requested. 

Claim 19 recites, in pertinent part, "creating a user profile for each of the individuals, 
each of said user profiles including permission information with respect to the corresponding 
individual". It is respectfully submitted that neither the Lewis patent nor the Schneider patent 
teaches or suggests this important element of claim 19. Accordingly, withdrawal of the 
Examiner's rejection is respectfully requested. 

Claim 20 recites, in pertinent part, "in response to a request from a user to the web site, 
determining if the user has permission to have the request served in accordance with permission 
information contained in a user profile of the user, enabling, in accordance with permission 
information contained in a granting user's user profile, one of the users to grant to another of the 
users selectively either only a permission to have a particular type of request served, only a 
permission to grant other users the ability to grant permissions, or both". As discussed, neither 
the Lewis patent nor the Schneider patent describes the above-mentioned elements of claim 20. 
Thus, claim 20 distinguishes over the Lewis patent and the Schneider patent and withdrawal of 
the Examiner's rejection is respectfully requested. 

Claim 23 depends from claim 21. As discussed, neither the Lewis patent nor the
Schneider patent describes the above-mentioned limitation of claim 21. Thus, claim 23
distinguishes over the Lewis patent and the Schneider patent and withdrawal of the Examiner's
rejection is respectfully requested. 

Claim 24 depends from claim 21. As discussed, neither the Lewis patent nor the Abadi 
patent describes the above-mentioned limitation of claim 21. Thus, claim 24 distinguishes over 
the Lewis patent and the Abadi patent and withdrawal of the Examiner's rejection is respectfully 
requested. 

Claim 25 depends from claim 21. As discussed, the Lewis patent does not describe the 
above-mentioned limitation of claim 21. Thus, claim 25 distinguishes over the Lewis patent and 
withdrawal of the Examiner's rejection is respectfully requested. 

Claim 26 depends from claim 21. As discussed, neither the Lewis patent nor the Abadi 
patent describes the above-mentioned limitation of claim 21. Thus, claim 26 distinguishes over 
the Lewis patent and the Abadi patent and withdrawal of the Examiner's rejection is respectfully 
requested. 

Claim 27 recites, in pertinent part, "maintaining a database of profiles that define 
permissions of users and companies to access the digital facility, authorizing at least one user to 
create profiles for other users, and automatically making a user who creates a profile for another 
user or for a company, a manager of the profile of the other user or the company". As discussed 
above, the Lewis patent does not describe these important elements of claim 27. Thus, claim 27 
distinguishes over the Lewis patent and withdrawal of the Examiner's rejection is respectfully 
requested. 



Should the Examiner in reviewing the communication have any questions or need any 
additional information, he is welcome to contact the undersigned at (213) 680-6692. 



Conclusion 



DATE: August 26, 2002 
San Francisco, California 94111
Telephone: (650)849-4400
52084639.3
8/26/02 2:52 PM 







Version with markings to show changes made 



Attachment A 




1. (Amended) A method comprising

making at least one digital facility available from a source to users via an electronic
communication medium,

associating with at least one of the users an access permission that enables the user to
access at least one of the digital facilities, [and]

associating with at least one of the users a grant permission that enables the user to give
to another user a user permission with respect to at least one of the digital facilities, and

creating a user profile for each of the users, each of said user profiles including
permission information with respect to the corresponding user.

2. (Amended) The method of claim 1 in which the user permission that is granted to 
another user comprises a perform permission. 

3. (Amended) The method of claim 1 in which the user permission that is granted to 
another user comprises a grant permission. 

10. (Amended) The method of claim 1 in which the user can give [the other] another 
user both [access] perform permission and grant permission. 

11. (Amended) The method of claim 1 in which the digital facility comprises an
application program, and the application defines [the] permissions grantable to users.

12. (Amended) The method of claim 1 in which the users comprise companies and
individuals who are associated with respective companies, and the user permission is
characterized as, in the case of a company, a [permissions comprise] company permission
[permissions] that applies [apply] to individuals associated with the company [one of the
companies] and, in the case of an individual, an individual permission [permissions] that applies
[apply] individually to [a user] the individual.

13. (Amended) The method of claim 1 in which [at least one of the permissions] the 
user permission comprises an aggregate of [other] permissions.

14. (Amended) The method of claim 13 in which the aggregate permissions of the
user permission include [permission includes] fundamental permissions that have arguments of a 
common type. 

15. (Amended) The method of claim 13 in which the user [other user's] permission 
with respect to at least one of the digital facilities [facility] is determined by a combination of an 
individual permission [permissions] and a company [permissions] permission.

16. (Amended) A medium storing a software program that is capable of configuring a 
machine to: 

make at least one digital facility available from a source to users via an electronic 
communication medium, 

associate with at least one of the users an access permission that enables the user to 
access at least one of the digital facilities, [and] 

associate with at least one of the users a grant permission that enables the user to give to
another user a user permission with respect to at least one of the digital facilities, and

create a user profile for each of the users, each of said user profiles including permission
information with respect to the corresponding user.

17. (Amended) Apparatus comprising 

means for making at least one digital facility available from a source to users via an 
electronic communication medium, 

means for associating with at least one of the users an access permission that enables the 
user to access at least one of the digital facilities, [and] 

means for associating with at least one of the users a grant permission that enables the
user to give to another user a permission with respect to at least one of the digital facilities, and

means for creating a user profile for each of the users, each of said user profiles
including permission information with respect to the corresponding user.

18. (Amended) Apparatus comprising
a source of digital facilities, 

an electronic communication medium coupled between the source and users to make at 
least one of the digital facilities [facility] available to the users, and

storage means containing user profiles for each of the users, said user profile of each user
including access information regarding the power of the user to access at least one of the digital 
facilities and grant information regarding the power of the user to grant a permission to another 
user with respect to at least one of the digital facilities. 

[storage containing information identifying an access permission that associates with at 
least one of the users an access permission that enables the user to access at least one of the 
digital facilities, 

storage containing information identifying a grant permission that enables the user to 
give to another user a permission with respect at least one of the digital facilities.] 

19. (Amended) A method comprising 

making business information of a portal-providing company [company] available to 
individuals using a web server and web browsers, 

associating with at least one of the individuals an access permission that enables the 
individual [user] to access the business information, [and] 

associating with at least one of the individuals [users] a grant permission that enables the
individual [user] to give to another individual [user] a permission with respect to the business
information, and

creating a user profile for each of the individuals, each of said user profiles including
permission information with respect to the corresponding individual.

20. (Amended) A method comprising 
providing a web site, 

using the web site, interacting with web browsers of users, 

in response to a request from a user to the web site, determining if the user has
permission to have the request served in accordance with permission information contained in a
user profile of the user,

enabling, in accordance with permission information contained in a granting user's user
profile, one of the users to grant to another of the users [user] selectively either only a permission
to have a particular type of request served, only a permission to grant other users the ability to
grant permissions, or both.

21. (Amended) A method comprising

maintaining a database of information that associates each user of a digital facility
available from a source with permissions that define the rights of the user to access the digital 
facility or to grant to other users the rights with respect to the digital facility, or both, [and] 

creating user profiles for each of the users in the database, each user profile containing 
the access and grant permission information of the corresponding user, and 

enabling a user [users] who has [have] the permission to do so, to alter the permissions 
associated with the user. 






